Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveAristaCVE-2021-28505
HistoryApr 14, 2022 - 9:15 p.m.

CVE-2021-28505

2022-04-1421:15:08
CWE-284
CWE-863
Arista
web.nvd.nist.gov
50
arista
eos
vxlan
ipv4
access list
ip protocol
security vulnerability
nvd
cve-2021-28505

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

33.9%

JSON

On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access list will ignore the specified IP protocol.

Affected configurations

Nvd
Node
aristaccs-710p-12Match-
OR
aristaccs-710p-16pMatch-
OR
aristaccs-720xp-24y6Match-
OR
aristaccs-720xp-24zy4Match-
OR
aristaccs-720xp-48y6Match-
OR
aristaccs-720xp-48zc2Match-
OR
aristaccs-720xp-96zc2Match-
OR
aristaccs-722xpm-48y4Match-
OR
aristaccs-722xpm-48zy8Match-
OR
aristadcs-7010tx-48Match-
OR
aristadcs-7050cx3-32sMatch-
OR
aristadcs-7050cx3m-32sMatch-
OR
aristadcs-7050sx3-48c8Match-
OR
aristadcs-7050sx3-48yc12Match-
OR
aristadcs-7050sx3-48yc8Match-
OR
aristadcs-7050sx3-96yc8Match-
OR
aristadcs-7050tx3-48c8Match-
AND
aristaeosRange4.264.26.4m
OR
aristaeosRange4.274.27.1f
VendorProductVersionCPE
aristaccs-710p-12-cpe:2.3:h:arista:ccs-710p-12:-:*:*:*:*:*:*:*
aristaccs-710p-16p-cpe:2.3:h:arista:ccs-710p-16p:-:*:*:*:*:*:*:*
aristaccs-720xp-24y6-cpe:2.3:h:arista:ccs-720xp-24y6:-:*:*:*:*:*:*:*
aristaccs-720xp-24zy4-cpe:2.3:h:arista:ccs-720xp-24zy4:-:*:*:*:*:*:*:*
aristaccs-720xp-48y6-cpe:2.3:h:arista:ccs-720xp-48y6:-:*:*:*:*:*:*:*
aristaccs-720xp-48zc2-cpe:2.3:h:arista:ccs-720xp-48zc2:-:*:*:*:*:*:*:*
aristaccs-720xp-96zc2-cpe:2.3:h:arista:ccs-720xp-96zc2:-:*:*:*:*:*:*:*
aristaccs-722xpm-48y4-cpe:2.3:h:arista:ccs-722xpm-48y4:-:*:*:*:*:*:*:*
aristaccs-722xpm-48zy8-cpe:2.3:h:arista:ccs-722xpm-48zy8:-:*:*:*:*:*:*:*
aristadcs-7010tx-48-cpe:2.3:h:arista:dcs-7010tx-48:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 181

CNA Affected

[
  {
    "product": "EOS",
    "vendor": "Arista Networks",
    "versions": [
      {
        "lessThanOrEqual": "4.26.0",
        "status": "affected",
        "version": "4.26.3M",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "4.27.0",
        "status": "affected",
        "version": "4.27.0F",
        "versionType": "custom"
      }
    ]
  }
]

Related

arista 1
nvd 1
cvelist 1
prion 1
arista
arista
Security Advisory 0073
2022-03-29 00:00:00
nvd
nvd
CVE-2021-28505
2022-04-14 21:15:08
cvelist
cvelist
CVE-2021-28505 On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access list will ignore the specified IP protocol.
2022-04-14 20:05:50
prion
prion
Design/Logic Flaw
2022-04-14 21:15:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

33.9%

JSON
Related for CVE-2021-28505
arista1nvd1cvelist1prion1